diff options
author | mandree <mandree@FreeBSD.org> | 2017-09-28 05:13:23 +0800 |
---|---|---|
committer | mandree <mandree@FreeBSD.org> | 2017-09-28 05:13:23 +0800 |
commit | 818e5a7dec907b4a879138e13cfd6c7dbd2f71ca (patch) | |
tree | 22b35e7d2bf51f39a4340dbc55f6090ffb12ffc2 /security/vuxml/vuln.xml | |
parent | 3ffa26bb4dda9983b1b80cc17f39f7039580c1dc (diff) | |
download | freebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.tar.gz freebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.tar.zst freebsd-ports-gnome-818e5a7dec907b4a879138e13cfd6c7dbd2f71ca.zip |
Document OpenVPN <2.4.4 CVE-2017-12166 legacy vuln.
Security: CVE-2017-12166
Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 9d2ada9c58d3..7ee4a2be948c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,41 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8"> + <topic>OpenVPN -- out-of-bounds write in legacy key-method 1</topic> + <affects> + <package> + <name>openvpn</name> + <range><ge>2.4.0</ge><lt>2.4.4</lt></range> + <range><lt>2.3.18</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Steffan Karger reports:</p> + <blockquote cite="https://community.openvpn.net/openvpn/wiki/CVE-2017-12166"> + <p>The bounds check in read_key() was performed after using the value, + instead of before. If 'key-method 1' is used, this allowed an + attacker to send a malformed packet to trigger a stack buffer + overflow. [...]</p> + <p>Note that 'key-method 1' has been replaced by 'key method 2' as the + default in OpenVPN 2.0 (released on 2005-04-17), and explicitly + deprecated in 2.4 and marked for removal in 2.5. This should limit + the amount of users impacted by this issue.</p> + </blockquote> + </body> + </description> + <references> + <url>https://community.openvpn.net/openvpn/wiki/CVE-2017-12166</url> + <url>https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15492.html</url> + <cvename>CVE-2017-12166</cvename> + </references> + <dates> + <discovery>2017-09-21</discovery> + <entry>2017-09-27</entry> + </dates> + </vuln> + <vuln vid="16fb4f83-a2ab-11e7-9c14-009c02a2ab30"> <topic>ImageMagick -- denial of service via a crafted font file</topic> <affects> |